[amaccuish]

https://en.wikipedia.org/wiki/Tcpcrypt

[pixl97]

How does opportunistic encryption prevent a MITM from forcing the session into unencrypted mode when its established?

[amaccuish]

It doesn't, but that's not the point of it. It's to prevent passive spying, like opportunistic TLS for SMTP.

I merely pointed it out because the OP was talking about encryption done at the TCP layer. :)